SAML Single Sign-On (SSO)
Overview
SAML Single Sign-On (SSO) makes it easy for your team to access Fyno using your centralized identity provider (IdP). Everyone can log in seamlessly through the company’s primary authentication system, such as Okta, AWS, or Google Workspace, without needing separate passwords.
After SAML is enabled, users can:
- Open your company’s IdP (for example, Okta or AWS).
- Click on the Fyno application.
- Get logged in automatically.
You control access from one place:
- If you give someone access, they can use Fyno.
- Just-in-Time (JIT) access lets your team sign in to Fyno using your company’s identity provider. Users get instant access when they log in, and access is removed immediately when they’re removed from your IdP or when they leave the organisation.
How to Set Up SAML in Fyno
Prerequisites:
Before starting, make sure you have:
- Admin access to your Identity Provider (IdP).
- Ability to download or copy your SAML Signing Certificate from your IdP.
Get the Signing Certificate from Your Identity Provider
- Go to your Identity Provider’s SAML application or SSO configuration section.
- Locate the Signing Certificate (it may also be called):
- X.509 Certificate
- Public Certificate
- SAML Certificate
- Metadata
- Export or download the certificate in .xml format.
Receive Configuration Details from Fyno
Fyno will send you the following values:
- ACS URL (Assertion Consumer Service URL) / Recipient URL / Destination URL
- Audience / Entity ID
- Custom ID (generated by the Fyno team)
These values are unique to your organization and environment.
Note: For more details or support, reach out to us at support@fyno.io.
